Malicious IoT hackers have a new enemy

IoT security is about the farthest thing from a laughing matter in the world of technology today, threatening global trade, privacy and the basic infrastructure of modern society. So you could be forgiven for being taken aback that the newest defender of vulnerable systems against bad actors looks a little like Johnny 5 from the movie Short Circuit.

Researchers at Georgia Tech’s School of Electrical and Computer Engineering rolled out the HoneyBot robot late last week. In essence, it’s a canary in the digital coal mine, offering an early warning that someone is trying to compromise an organization’s systems.

HoneyBot is designed to look like a perfectly ordinary remote-controlled robot to anyone attempting to access it remotely, providing sensor data and movement information to that remote user. Where it differs, however, is if a user tries to get it to do something the owner doesn’t want it to do – HoneyBot can provide simulated responses to those commands without enacting them in the real world. So, if a bad actor tried to get the device to run itself into a production line, for example, it could provide output indicating that it had done just that, while in reality simply sitting still and warning nearby personnel that it had been compromised.

What’s more, the researchers have done preliminary testing that indicates the concept works. An experiment conducted in December 2017 found that users trying to virtually pilot the HoneyBot through a maze couldn’t distinguish between real and simulated sensor data – those who attempted to take “forbidden” shortcuts through the maze thought that they were progressing normally, even though the robot was sitting still.

Raheem Beyah, the professor who spearheaded the HoneyBot’s creation, told the university’s information service that it can be tough to fool an astute hacker.

“If the attacker is smart and is looking out for the potential of a honeypot, maybe they’d look at different sensors on the robot, like an accelerometer or speedometer, to verify the robot is doing what it had been instructed,” he said. “That’s where we would be spoofing that information as well. The hacker would see from looking at the sensors that acceleration occurred from point A to point B.”

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.